source: http://www.securityfocus.com/bid/22559/info WebTester is prone to multiple input-validation issues, including multiple cross-site scripting and multiple SQL-injection issues, because the application fails to properly sanitize user-supplied input. A successful exploit of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, or even exploit vulnerabilities in the underlying database implementation. Other attacks are also possible. WebTester 5.0.20060927 and prior versions are vulnerable. http://www.example.com/webtester/directions.php?testID=\'
Related ExploitsTrying to match CVEs (1): CVE-2007-0970
Trying to match OSVDBs (1): 33203
Other Possible E-DB Search Terms: WebTester 5.0.20060927, WebTester
|2013-10-22||WebTester 5.x - Command Execution (Metasploit)||Metasploit|
|2013-10-16||WebTester 5.x - Multiple Vulnerabilities||X-Cisadane|